<?php
//No output, we might have to send some headers.
include 'functions.php';

$form_submitted = isset($_POST['username']);

if ($form_submitted) {
	$username = $_POST['username'];
	$password = $_POST['password'];
	$refer = $_POST['refer'];
	
	$error = resdap_attempt_login($username,$password);
	
	if (!$error) {
		header("Refresh: 0; URL=http://resources.scratchr.org$refer");
		exit();
	}
	
} else {
	$error = false;
}

//show form
echo $html_doctype;
?>

<html>

<head>
<title> Scratch Resources | Login</title>
<?php
	//no metadata, no search engines on this page
	echo $html_meta_nosearch;
	echo $html_css;
	echo $html_scripts;
?>
</head>

<body>
<!-- HEADER -->
<div id="maincontainer">
	<?php
	include 'header.php';
	if (!$form_submitted || $error) {
		//show form
		echo '<div class="box_fullwidth">'."\n".
			 "<h1>Login</h1>\n";
		if ($error) { echo "Wrong username/password combination.<br><br>\n\n"; }
	?>
		Please enter your login:<br><br>

		<form method="post" action="/login">
			Scratch Username:<br>
			<input type="text" name="username" <?php if ($form_submitted) echo 'value="'.$username.'"';?> ></input><br>
			<br>
			Password:<br>
			<input type="password" name="password"></input><br><br>
			<input type="hidden" name="refer" value="/login"></input>
			<input type="submit" value="login"></input><br>
		</form>
		
		<br><br>
		
		<a href="http://scratch.mit.edu/password_recovery" target="_blank">Did you forget your account/password?</a>
	</div>
	
	<?php 
	}
	include('footer.php');
	?>
</div>
</body>

</html>